Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: how to flood the mac address table of a switch?

From: "Shawn Jackson" <sjackson () horizonusa com>
Date: Mon, 1 Dec 2003 11:49:56 -0800

        There is a program called macof. Its part of a package called DSniff which you can get here 
http://www.monkey.org/~dugsong/dsniff/. DSniff is a Linux suite but macof was based off of a program for the UNIX OS, 
It's been years and I can't remember the name of the program. You can also find some ARP tools at 
http://neworder.box.sk/codebox.links.php?key=arptl. At least on Cisco's switch line you can defeat ARP floods by 
enabling port security, but make sure you know the implications of that before you do. Some 'anti-arp' protections can 
be 'overly protective' especially on networks with mis-configured or chatty DHCP servers.


Shawn Jackson
Systems Administrator
Horizon USA
1190 Trademark Dr #107
Reno NV 89521
www.horizonusa.com
 
Email: sjackson () horizonusa com
Phone: (775) 858-2338
       (800) 325-1199 x338

-----Original Message-----
From: Hans Müller [mailto:ndof () gmx li] 
Sent: Monday, December 01, 2003 9:17 AM
To: security-basics () securityfocus com
Subject: how to flood the mac address table of a switch?

How can flood the mac address table of a switch, to see that the security 
function of my switch work?


---------------------------------------------------------------------------
----------------------------------------------------------------------------


---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: